The Hacker News — Cyber Security, Hacking, Technology News

The incident took place in mid-2014, when anonymous hackers flooded the Internet with private nude photographs of major celebrities, including Jennifer Lawrence, Kim Kardashian, Kate Upton and Kirsten Dunst.

The Fappening was the result of the hack of thousands of Apple's iCloud accounts, including those belonging to Hollywood actresses, models and major celebrities.

Main Culprit Behind The Fappening

Now, two years later, new court documents reveal the name of the FBI's top suspect: Ed Majerczyk.

In October of 2014, the Federal Bureau of Investigation (FBI) raided the home of Ed Majerczyk, a Chicago man believed to be the chief culprit behind a series of 2014 leaked celebrity nude photos that came to be known as 'The Fappening' or 'Celebgate'.

The man is suspected of illegally accessing iCloud accounts from his home in Chicago. The FBI also found sexual photographs of Jennifer Lawrence among the proceeds of his alleged social engineering, according to court documents obtained by Gawker.

Here's How The Fappening Happened

Majerczyk's name came up after the federal agents raided the Chicago home of Emilio Herrera, who was alleged to have breached thousands of Apple's iCloud accounts, including more than 100 celebrity victims.

The court documents [PDF] show Majerczyk gained access to victims' iCloud accounts by posing as an "Apple Technical Assistant" employee, stealing nude photos of very famous actresses that were subsequently leaked to the Internet.

"The FBI says Majerczyk, through a series of bogus email accounts like 'appleprivacysecurity@gmail.com' created a phishing dragnet that duped very famous victims into providing him with their passwords through some pretty elementary tricks…," Gawker reported.

How Was Jennifer Lawrence Hacked?

Lawrence – who called the leak a "sex crime" – lost access to her iCloud account and then received a fake support email from appleprivacysecurity@gmail.com. The message reads as follows:

"Your Apple ID was used to login into iCloud from an unrecognized device on Wednesday, August 20th, 2014. Operating System: iOS 5.4 Location: Moscow, Russia (IP=95.108.142.138) If this was you please disregard this message. If this wasn't you for your protection, we recommend you change your password immediately. In order to make sure it is you changing the password, we have given you a one-time passcode, 0184737, to use when resetting your password at http://applesecurity.serveuser.com/. We apologize for the inconvenience and any concerns about your privacy. Apple Privacy Protection."

Lawrence then forwarded the phishing email to her assistant, a step that could have given the hacker full access to her iCloud account.

The court documents show that Majerczyk used a combination of deceptive web domains and fake security warnings, crafted to appear as if they originated from Apple, to gain access to other Hollywood stars' iCloud accounts.
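The indicators in the message quoted above (a brand name on a free-mail address, a reset link on a lookalike domain that is not the brand's, and a "one-time passcode" to type into the reset page) can be checked mechanically. The following is an added example written for this page, not code from the court documents, from Gawker or from Apple; the list of legitimate domains and both sample messages are assumptions constructed for the demonstration, with the phishing sample modelled on the quoted mail.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption: the domains the brand really sends mail from and links to.
LEGIT_DOMAINS = {"apple.com", "icloud.com"}
BRAND_WORDS = ("apple", "icloud")
URL_RE = re.compile(r'https?://[^\s<>"\')]+', re.IGNORECASE)

# Constructed sample, modelled on the fake support mail quoted in the article.
PHISH = """\
From: Apple Privacy Protection <appleprivacysecurity@gmail.com>
To: victim@example.com
Subject: Unrecognized device signed in to your Apple ID
Content-Type: text/plain; charset="utf-8"

Your Apple ID was used to log in to iCloud from an unrecognized device.
If this wasn't you, we recommend you change your password immediately.
Use the one-time passcode 0000000 when resetting your password at
http://applesecurity.serveuser.com/
Apple Privacy Protection
"""

# Constructed sample of a genuine notice under the assumed domains.
LEGIT = """\
From: Apple <noreply@email.apple.com>
To: victim@example.com
Subject: Your Apple ID was used to sign in
Content-Type: text/plain; charset="utf-8"

If you do not recognise this sign-in, review your devices at
https://appleid.apple.com/
"""


def registrable_domain(host: str) -> str:
    """Reduce a host to its last two labels (mail.apple.com -> apple.com).
    A naive stand-in for the Public Suffix List; wrong for co.uk-style suffixes."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def phishing_indicators(raw: str) -> list[str]:
    """Return human-readable indicators; an empty list means nothing was flagged."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []

    # 1. Sender: mail claiming to be from the brand should come from a brand domain.
    _, addr = parseaddr(str(msg["From"] or ""))
    local, _, host = addr.rpartition("@")
    if host and registrable_domain(host) not in LEGIT_DOMAINS:
        findings.append(f"sender domain {host} is not a known brand domain")
        if any(w in local.lower() for w in BRAND_WORDS):
            findings.append(f"brand name in the local part of a third-party address: {addr}")

    # 2. Links: the reset URL must land on a brand domain, not a lookalike.
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body is not None else ""
    for url in URL_RE.findall(text):
        link_host = (urlparse(url).hostname or "").lower()
        if registrable_domain(link_host) not in LEGIT_DOMAINS:
            findings.append(f"link points to non-brand host {link_host}")
            if any(w in link_host for w in BRAND_WORDS):
                findings.append(f"brand lookalike in link host: {link_host}")

    # 3. Lure: handing the reader a code to enter on a "reset" page is a credential-theft trick.
    lowered = text.lower()
    if "password" in lowered and "passcode" in lowered:
        findings.append("mail supplies a passcode to use when resetting the password (credential lure)")
    return findings


if __name__ == "__main__":
    for name, sample in (("phish", PHISH), ("legit", LEGIT)):
        print(name, phishing_indicators(sample))
```

The sender check only looks at the address, so it says nothing about a spoofed display name on a genuinely brand-owned domain; in production the same decision would also consult SPF/DKIM results from the receiving mail server.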

According to the FBI, Majerczyk breached 330 unique iCloud accounts from his home, accessing them more than 600 times in total during 2014. Once an account was breached, Majerczyk downloaded the victim's entire iPhone camera roll and uploaded it to 4chan.

A report by the Sun-Times notes that the overwhelming majority of the iCloud accounts accessed by Majerczyk belonged to victims outside Illinois.

The FBI investigation is ongoing. So let's wait and watch what comes next.

A 26-year-old hacker has been sentenced to 334 years in prison for identity theft and mass bank fraud in Turkey; in simple words, he has effectively been sentenced to life in prison.

Named Onur Kopçak, the hacker was arrested in 2013 for operating a phishing website that impersonated a bank's site, tricking victims into providing their bank details, including credit card information.

Kopçak's website was part of a large credit card fraud scheme in which he and 11 other operators used the illegally obtained bank account details to carry out fraudulent transactions.

During his arrest in 2013, Turkish law authorities charged Kopçak with:

Identity fraud

Website forgery

Access device fraud

Wire fraud...

...and sentenced him to 199 years 7 months and 10 days in prison, following complaints from 43 bank customers.

However, during the investigation, 11 other bank customers also filed complaints about their payment card fraud, thus triggering a new trial.

Oh, 199 + 135 = 334 years in Prison

During the new trial, which was concluded yesterday (January 10), the Mersin Third Criminal Court of General Jurisdiction further added another 135 years to Kopçak's original sentence of 199 years 7 months and 10 days in prison, Daily Sabah reported.

With a total of 334 years in jail, Kopçak tops the list of hackers handed the longest prison sentences.

However, Kopçak and his lawyers asked the court to impose a 35-year sentence instead, pleading for a lower sentence with the words "I am sure you'll not even remember the color of my skin."

Sentencing for cyber crime has changed in recent years. Last year, Ross Ulbricht, the alleged founder and mastermind of the infamous online black marketplace Silk Road, received a life sentence when found guilty of narcotics conspiracy and money laundering, among other criminal charges.

"Sujan was an external operations planner and a United Kingdom-educated computer systems engineer. Sujan supported ISIS hacking efforts, anti-surveillance technology and weapons development. Now that he is dead, ISIL has lost a key link between networks."

The 31-year-old is not only suspected of running a global money-laundering ring for ISIS from his former base in Britain, but is also believed to have paid for a 15-year-old British girl to travel to become a jihadi bride, The Mail reported.

Sujan came to the UK as a student in 2003, where he studied computer system engineering at the University of Glamorgan.

After finishing his studies, Sujan settled in Cardiff and brought over his wife Shayma Akter, 28, in 2005. In 2006, he founded an IT firm, 'Ibacs', with his brother in Newport, near Cardiff. But after failing to obtain a visa extension to remain in the UK, he was forced to leave the country in 2014.

Before leaving the United Kingdom, Sujan told his friends that he and his wife wanted to return to his native country of Bangladesh.

Instead, Sujan went on to join ISIS and soon became a senior figure in the terror group, replacing another top hacker from the UK, Junaid Hussain, who was killed in an air strike in August.

The US drone strike that killed Sujan in Syria was part of a wider bombing campaign that took place over a number of days and killed ten ISIS leaders, including Sujan.

Encryption is hampering government intelligence agencies' efforts to detect terrorist activity, and after the recent ISIS-linked terror attacks in Paris and California, the issue has once again become a political target in Washington.

FBI: For God's Sake, Don't Use End-to-End Encryption

At a Senate hearing on Wednesday, FBI's Director James Comey called for tech companies currently providing users with end-to-end encryption to reconsider "their business model" and simply stop doing that, reported The Intercept.

Yes, instead of asking companies for a "backdoor" this time, Comey suggested they adopt encryption designs that allow them to intercept end-to-end encrypted communications and turn them over to federal agencies when necessary.

"The government doesn't want a backdoor, but [it] hopes to get to a place where if a judge issues an order, the company figures out how to supply that information to the judge and figures out on its own the best way to do that," said Comey.

Comey: Keep Readable Version of Customers' Messages

End-to-end encryption is a form of secure communication in which data is encrypted on the sender's device before it is passed to the company's server. The server relays the encrypted data to the intended recipient, who is the only party able to decrypt it.

Nobody in between, be it the application service provider, an Internet service provider (ISP), a hacker, or even law enforcement officials, can read the data or tamper with it undetected.
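As an added illustration of the mechanism just described (example code written for this page, not from any messaging product or from The Intercept's report): it assumes the two endpoints already share a secret (how they agree on it, for instance with a key-exchange protocol, is out of scope) and builds a toy encrypt-then-MAC scheme from the standard library's HMAC so it runs anywhere. The provider's server relays opaque blobs it cannot read, and any modification in transit fails the recipient's tag check. A real application would use a vetted AEAD such as AES-GCM or ChaCha20-Poly1305 rather than this construction.

```python
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 16, 32


def derive_keys(shared_secret: bytes) -> tuple[bytes, bytes]:
    """Split one shared secret into an encryption key and a MAC key (HMAC used as a KDF)."""
    return (hmac.new(shared_secret, b"enc", hashlib.sha256).digest(),
            hmac.new(shared_secret, b"mac", hashlib.sha256).digest())


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream from HMAC-SHA256; a stand-in for a real stream cipher."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def seal(shared_secret: bytes, plaintext: bytes) -> bytes:
    """Sender side: encrypt, then authenticate. Output is nonce || ciphertext || tag."""
    enc_key, mac_key = derive_keys(shared_secret)
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(shared_secret: bytes, blob: bytes) -> bytes:
    """Recipient side: verify the tag first (constant-time), only then decrypt."""
    enc_key, mac_key = derive_keys(shared_secret)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("message was tampered with in transit")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


class RelayServer:
    """The provider's server: it stores and forwards blobs but holds no keys."""

    def __init__(self):
        self.queue = []

    def accept(self, blob: bytes) -> None:
        self.queue.append(blob)

    def deliver(self) -> bytes:
        return self.queue.pop(0)

    def inspect(self) -> list:
        """What a court order served on the server (or an intruder on it) would yield."""
        return list(self.queue)


def run_demo(message: bytes = b"meet me at the usual place at noon") -> dict:
    secret = os.urandom(32)  # assumed already agreed between the two endpoints
    server = RelayServer()
    server.accept(seal(secret, message))          # sender encrypts before upload
    server_view = server.inspect()[0]             # the provider only ever sees this
    received = unseal(secret, server.deliver())   # only the recipient can decrypt
    # A relay that alters even one ciphertext byte is caught by the tag check.
    forged = bytearray(seal(secret, message))
    forged[NONCE_LEN] ^= 0x01
    try:
        unseal(secret, bytes(forged))
        tamper_detected = False
    except ValueError:
        tamper_detected = True
    return {"recipient_read": received, "server_saw": server_view, "tamper_detected": tamper_detected}


if __name__ == "__main__":
    print(run_demo())
```

The point of `RelayServer.inspect` is the one Comey's proposal turns on: with this design the company can only hand a judge the ciphertext, because the key never leaves the endpoints. Keeping a "readable version" means changing that design, not adding a feature to it.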

However, Comey is asking for the technology companies to retain a readable version of that initial data, just in case the authorities need it.

"There are plenty of companies today that provide secure services to their customers and still comply with court orders," he said. "There are plenty of folks who make good phones [and] are able to unlock them in response to a court order."

Terrorists and Encryption

Moreover, Comey gave an example of a situation in which law enforcement officials faced an obstacle because of encryption.

"In May, when two terrorists attempted to kill a whole lot of people in Garland, Texas, and were stopped by the action of great local law enforcement. That morning, before one of those terrorists left to try to commit mass murder, he exchanged 109 messages with an overseas terrorist. We have no idea what he said because those messages were encrypted. That is a big problem."


In the end, the FBI director did not make clear exactly what measures he wants tech companies to adopt, or whether he favours legislation to force them to do so. But he did make clear that he is not at all satisfied with the current trend toward encrypting devices.


The arrests took place shortly before Chinese President Xi Jinping visited the United States in September 2015, when both heads of state agreed that neither side would engage in commercial espionage against the other.

Citing an "investigation", the Chinese government said the OPM hack was actually "a criminal case" rather than the state-sponsored attack the US government had suspected, the Chinese media outlet Xinhua News Agency reported.

Unnamed US federal officials had previously blamed China for the attack, though they did not publicly point the finger at the Chinese government.

No further details of the investigation have been provided, nor any indication of whether it was conducted by the United States or by the Chinese government.

The US government has urged more detailed information sharing, and a White House spokesperson told Reuters that the first U.S.-Chinese dialogue was "an important step" in addressing US concerns about Chinese cyber-espionage.

So now let's wait until June, when the two countries meet again for the second cyber security ministerial talks in Beijing.

The FBI believes a single hacker who goes by the moniker Mr.Grey has stolen login credentials for over 1.2 Billion online accounts – apparently the biggest heist of log-in credentials the FBI has investigated thus far.

Yeah, that's not Fifty, but 1.2 Billion Shades of Grey.

The information comes from court documents that federal agents submitted in 2014 to support a search warrant request, Reuters reported.

The cyber security firm 'Hold Security' first reported the theft of the credentials last year, finding that the Russian hacking group CyberVor had stolen 1.2 Billion login details and an additional 500 Million email addresses.

Botnet Breach

The data were said to have been harvested from over 420,000 websites by botnets looking for SQL injection flaws, the same technique recently used to hack TalkTalk.

Botnets are usually employed to attack an individual target, but in this case they were used as a huge scanner, probing websites across the Internet for injectable pages.

"To the best of our knowledge, [CyberVor] mostly focused on stealing credentials, eventually ending up with the largest cache of stolen personal [data], totalling over 1.2 Billion unique sets of emails and passwords," Hold Security said in August last year.
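To make concrete what those scanners were hunting for, here is an added example written for this page (not code from Hold Security, from the FBI filing or from any affected site): a query that splices user input straight into SQL beside its parameterised replacement, run against an in-memory SQLite table with constructed rows, plus a small routine that flags the probe patterns a scanning botnet would leave in a web server's access log. The log lines, IP addresses and table contents are all constructed for the demonstration.

```python
import re
import sqlite3
import urllib.parse


def make_demo_db() -> sqlite3.Connection:
    """In-memory stand-in for a site's user table (constructed sample rows)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (email TEXT NOT NULL, password_hash TEXT NOT NULL)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice@example.com", "hash1"), ("bob@example.com", "hash2")])
    return conn


def find_user_vulnerable(conn: sqlite3.Connection, email: str) -> list:
    """The flaw the scanners look for: user input spliced directly into the SQL text."""
    sql = f"SELECT email, password_hash FROM users WHERE email = '{email}'"
    return conn.execute(sql).fetchall()


def find_user_safe(conn: sqlite3.Connection, email: str) -> list:
    """Parameterised query: the value travels separately and can never become SQL."""
    return conn.execute("SELECT email, password_hash FROM users WHERE email = ?", (email,)).fetchall()


# Constructed access-log lines: one normal request, two injection probes, one unrelated hit.
ACCESS_LOG = """\
203.0.113.7 - - [12/Aug/2014:10:01:03 +0000] "GET /login?email=alice%40example.com HTTP/1.1" 200 512
203.0.113.7 - - [12/Aug/2014:10:01:04 +0000] "GET /login?email=%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9021
203.0.113.7 - - [12/Aug/2014:10:01:05 +0000] "GET /login?email=x%27%20UNION%20SELECT%20email%2Cpassword_hash%20FROM%20users-- HTTP/1.1" 200 9104
198.51.100.9 - - [12/Aug/2014:10:02:11 +0000] "GET /about HTTP/1.1" 200 2210
"""

# Crude signatures for the commonest probes: quote-OR-quote tautologies, UNION SELECT,
# trailing comment markers, stacked DROP statements. Real WAF rules are far larger.
SQLI_PROBE = re.compile(r"(?i)('\s*or\s*'|\bunion\s+select\b|--\s*$|;\s*drop\b)")
LOG_LINE = re.compile(r'(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) ')


def suspicious_requests(log_text: str) -> list:
    """Return (client_ip, decoded query string) for requests whose parameters look like SQLi probes."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue
        ip, path = m.groups()
        # Decode percent-encoding first; the probes are only recognisable after decoding.
        query = urllib.parse.unquote_plus(urllib.parse.urlsplit(path).query)
        if SQLI_PROBE.search(query):
            hits.append((ip, query))
    return hits


if __name__ == "__main__":
    db = make_demo_db()
    payload = "' OR '1'='1"
    print("vulnerable:", find_user_vulnerable(db, payload))   # every row comes back
    print("safe:      ", find_user_safe(db, payload))         # no row matches the literal string
    print("probes:    ", suspicious_requests(ACCESS_LOG))
```

The tautology payload turns the vulnerable query into `WHERE email = '' OR '1'='1'`, which matches every row; the UNION payload in the third log line would dump the whole table through the same hole. The parameterised version returns nothing for either, because the driver never interprets the value as SQL.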

1.2 Billion Shades of Grey

The FBI linked Mr.Grey to the heist after finding his Russian email address in spam-sending tools and in posts on a Russian hacking forum offering to obtain user login credentials for Twitter, Facebook and the Russian social network VK.

Alex Holden, chief information security officer at Hold Security, believes those forum posts show that the hacker, "mr.grey" or "mistergrey", has access to a large database of stolen online credentials.

However, it is still unclear whether Mr.Grey obtained all the credentials alone, or indeed whether Mr.Grey is a single hacker or a group of hackers operating under one name.

Unfortunately, not much information is known about Mr.Grey's operations, but we will update soon if the FBI releases any new info.

Gottfrid Svartholm Warg, the co-founder of the notorious file-sharing website The Pirate Bay, has been released from a Swedish prison after three years behind bars for hacking and copyright offences.

Yes, Svartholm Warg, also known as Anakata, is a free man again.

Svartholm was convicted of Swedish copyright offences connected to The Pirate Bay and of a Danish hacking conspiracy.

The news comes just a few months after the third and last of the Pirate Bay founders to serve time, Fredrik Neij (also known as TiAMO), was released from a Swedish prison after serving his 10-month sentence.

Svartholm has not yet made any public statements following his release from a Swedish prison on Saturday. His release was reported by Swedish newspaper Dagens Nyheter.

The release was also confirmed by Warg's mother, Kristina Svartholm, on Twitter.

"Yes, #anakata is free now. No more need to call for #freeanakata. Thank you everyone for your important support during these three years!"

Svartholm was arrested in his Cambodian apartment in September 2012 and deported to Sweden, where he faced the copyright charges. In November 2013 he was extradited to Denmark to face charges in the CSC hacking case.

Once the world's most popular file-sharing website, The Pirate Bay was predominantly used to share copyrighted material, such as pirated software and video files, free of charge.

Despite the criminal convictions and numerous takedowns in police raids, the Pirate Bay continues to operate, although it has moved to different Web domains several times.

In recent incidents, a Jeep Cherokee as well as OnStar's application were hacked, leaving the cars at the mercy of the hackers and prone to accidents.

A security flaw in the car's entertainment system was exploited by two white hat hackers, Charlie Miller and Chris Valasek. The flaw allowed them to inject code into the system and control the car remotely from miles away.

The hackers were able to turn up the music volume to the maximum and start the windshield wipers remotely while they were ‘10 miles away’.

Most alarmingly, they cut the transmission and disabled the brakes, which sent the car into a ditch.

Reports say that both the Jeep Cherokee and the Cadillac Escalade share an inherent design weakness:

The cars' apps, Bluetooth and the telematics unit that connects the car to a cellular network (such as OnStar) sit on the same network as the engine controls, brakes, steering and tire pressure monitoring system.

Miller and Valasek said a car's networked systems could be an easy gateway for hackers armed with just a mobile phone and a laptop.

All they need is the car's IP address, and they can break into its systems over a wireless Internet connection.

#6 Data Breach at US Government Office of Personnel Management

United States Office of Personnel Management (US OPM) is an independent agency of the United States that works to recruit, retain and honor a world-class workforce for the American people.

Hackers accessed sensitive data of US government officials that could be used for identity theft and cyber-espionage.

The stolen data included Social Security Numbers, employment history, residency and educational history, criminal and financial history, fingerprints, information about health, personal and business acquaintances.

Some stolen records also include findings from interviews conducted by background investigators that discussed sexual assaults, drug and alcohol addiction, and mental health treatment.

#7 Anthem Data Breach

Anthem Insurance Inc., previously known as WellPoint Inc, was a victim of a massive cyber attack in February.

Back in February, cyber attackers executed a very sophisticated attack to gain unauthorized access to the company's IT systems, which held a database of some 80 million people, and obtained personally identifiable information (PII) relating to its customers and employees.

The path may have been "Phishing", in which a fraudulent e-mail could have been used to trick employees into revealing their network ID and password, or into unknowingly downloading software code that gives the hackers long-term access to Anthem’s IT environment.

The company informed millions of its affected customers of the massive data breach that potentially exposed the personal information of its former as well as current customers.

Anthem appointed Mandiant, a leading cyber security firm, to investigate the incident and advise on remediation.

This is just the beginning...

These are just seven; there are many more! And it could reach you too.

The power of the cyberspace and the criminals hovering over it should not be underrated.

Shrugging off incidents in which your personal data is at risk is not a solution; it is the beginning of problems that will come back to bother you in a big way.

Cyberspace can be intoxicating. Proactive thinking and a proactive approach will keep you ahead of the people on the other end.

Take the time to ponder these incidents and respond wisely; that is all we have to say!

#2 Ashley Madison Data Breach

Two months ago, the Toronto-based Ashley Madison website, popular as an online dating portal for extramarital affairs with the tagline "Life is Short. Have an Affair," was hacked by 'The Impact Team'.

The hackers allegedly gained access to its customer database and posted 10GB of personal data on tens of millions of customers, including their names and email addresses.

This was soon followed by another leak, in which the hackers released a further 20GB of the company's internal data, including personal e-mails from Noel Biderman, CEO of Ashley Madison's parent company Avid Life Media, along with the source code for its website and mobile apps.

The breach came just two months after an attack on another scandalous site, Adult Friend Finder, where again millions of people's very personal data were left exposed on the Internet.

The Ashley Madison and Adult Friend Finder hacking cases raise serious questions about what these dating websites are doing to ensure the security of their users' personal information.

The hack wasn't limited to unreleased movies: the unknown hackers leaked about 200 gigabytes of confidential data belonging to Sony Pictures, from movie scripts to sensitive employee data, celebrities' phone numbers and their travel aliases, making it one of the most severe hacks in history.

As a result, Sony had to shut down its services for weeks. It struggled to contain the fallout, pulling "The Interview" from theaters and eventually putting it up on Netflix.

But things have not changed much for Sony. This was the second time Sony was targeted, and the attack was so severe that even after it took the best measures available, a substantial amount of the company's data was later published by WikiLeaks.


Hacking Team, the Italy-based spyware company that sells surveillance software to law enforcement agencies worldwide, says it has always operated within the law and regulation and in an ethical manner.

According to the company, there was only one violation of the law in this entire event, and that is "the massive cyber attack on the Hacking Team."

The recent hack on Hacking Team exposed nearly 500GB of internal documents, including internal emails, hacking tools, zero-day exploits, surveillance tools, spyware source code and a spreadsheet listing every government client with date of purchase and amount paid.

Hacking Team Hack and Media Reports:

The attack on Hacking Team was huge in every sense. The company has now voiced its disappointment with media coverage of the incident, saying that a company that helps governments fight crime is being treated as the culprit, while the criminals who attacked it are not.

"Had a media company been attacked as Hacking Team has been, the press would be outraged," Hacking Team wrote in its press release Wednesday.

But every media outlet, including us, has reported that Hacking Team got hacked, which by definition means it was the victim of a cyber crime.

So far, neither the company nor anyone in the media knows who hacked Hacking Team and leaked 500GB of its internal data.

So what do they expect the media to talk about?

The unknown hacker, about whom nothing is known,

or the 500GB of leaked Hacking Team secrets?

Hacking Team Spyware: Fighting Crime or Aiding Surveillance?

Apart from this, Hacking Team claimed that the powerful spyware and hacking tools it develops are genuinely needed by law enforcement agencies to fight crime and terrorism.

Recently, a 46-year-old member of South Korea's National Intelligence Service (NIS) apparently committed suicide after it was revealed that the agency had bought spying tools from Hacking Team.

A Suicide note left by the agent at the scene referenced the Hacking Team controversy, and claimed his intelligence team did not use Hacking Team tools to spy on South Korean citizens' mobile phone or any other online communications.

This incident could be part of the same controversy, which is yet to be investigated.

Some Facts Highlighted by Hacking Team

Setting out the facts of the attack, the company says the attackers stole and exposed the personal information of its employees and some of its clients.

However, the attackers were unable to access the data collected by the company's clients using the purchased spying software, as such information is stored only on the customers' own systems and cannot be accessed by the company itself.

The attackers also exposed some of its source code on the Internet, but according to Hacking Team, the essential elements of its source code were not compromised in the attack.

The company admitted selling its equipment to countries including Ethiopia, Sudan, Russia and South Korea, among others, but said it always sold "strictly under the law and regulation."

"There have been reports that our software contained some sort of "backdoor" that permitted Hacking Team insight into the operations of our clients or the ability to disable their software," the company says.

"This is not true."

"No such backdoors were ever present, and clients have been permitted to examine the source code to reassure themselves of this fact."

The US State Department and the Federal Bureau of Investigation are willing to pay a total of $4.2 Million for information leading to the arrest and/or conviction of the five most wanted cyber criminals, who are accused of frauds totalling hundreds of millions of dollars.

Evgeniy Mikhailovich Bogachev, also known under the aliases "lucky12345," "Slavik," and "Pollingsoon," is the alleged mastermind behind the GameOver Zeus botnet, which criminals used to infect more than 1 Million computers, resulting in up to $100 Million in losses since 2009.

Besides GameOver Zeus botnet, Bogachev is also accused of developing CryptoLocker Ransomware, which was designed to extort money from computer victims by holding their system’s files hostage until the victim pays a ransom fee to get them back.

Bogachev tops the FBI's list, with a $3 Million reward for anyone providing information leading to his arrest and/or conviction.

This 34-year-old Romanian is accused of fooling innocent Americans with fake auction posts on several websites, including eBay, Cars.com, and AutoTrader.com, claiming to sell cars that just didn't exist.

Popescu and other criminal hackers affiliated with the scheme made more than $3 Million off the auctions, victimizing almost 800 users who handed over money for imaginary cars, Rolex watches, yachts, private airplanes, and other luxury goods.

Authorities tracked down and arrested six members of the cyber gang in late 2012, but Popescu and a partner slipped away.

3. Alexsey Belan | Reward - $100,000

Alexsey Belan, a Russian national, is wanted for allegedly stealing consumer data by compromising the networks of three unnamed major US-based e-commerce sites in Nevada and California between 2012 and 2013.

After stealing the user databases, including passwords, and exporting them to his own server, Belan is accused of negotiating the sale of the databases.

4. Peteris Sahurovs | Reward - $50,000

Peteris Sahurovs is accused of developing and selling malware delivered through advertisements on news websites. He allegedly ran the scheme from February 2010 to September 2010.

Under the scheme, fake ads displayed on the web pages pushed users to purchase fraudulent antivirus software.

If a user refused to buy the software, the victim's desktop would be flooded with pop-ups and fake security alerts.

Sahurovs, a native of Latvia, made more than $2 Million by selling his "antivirus" software.

5. Shailesh Kumar Jain | Reward - $50,000

Shailesh Kumar Jain is the only American citizen on the FBI’s Most Wanted Hackers list.

Jain made $100 Million between December 2006 and October 2008, according to the FBI. He used a flood of pop-up ads and scam emails to convince users that their computers were infected with a virus, then sold them bogus AV software packages for between $30 and $70.

Law enforcement agencies from six European countries have taken down a major Ukraine-based cyber criminal gang suspected of developing, distributing and deploying the Zeus and SpyEye banking malware.

According to the report on the official website of Europol, authorities have arrested five suspects between June 18 and 19.

All five suspects are members of an alleged gang accused of infecting tens of thousands of computers worldwide with malware and banking Trojans.

The alleged cybercriminal group distributed and used Zeus and SpyEye malware to steal money from several major banks in Europe and outside.

The gang constantly modified its malware Trojans to defeat the security protocols of banks and used "mule networks" to launder money.

"On the underground digital forums, they actively traded stolen credentials, compromised bank account information and malware," Europol said in a statement on Thursday, "while selling their hacking ‘services’ and looking for new cooperation partners in other cybercriminal activities."

Each member of the alleged group had their own speciality; between them, the gang developed malware, infected machines, traded stolen bank credentials and malware, and offered hacking-for-hire services on underground fraud forums.

More than EUR 2 Million in Damages

According to officials, the gang has caused financial damages estimated at more than 2 Million Euro.

The operation was conducted by the Joint Investigation Team (JIT), and the take-down was part of an ongoing initiative launched by Europol in the year 2013 that has resulted in 60 arrests to date.

Just two months ago, law enforcement took down the highly sophisticated BeeBone botnet, which had infected more than 12,000 computers worldwide.

The same initiative also resulted in the takedown of the Ramnit botnet, which infected over 3.2 Million computers worldwide. Last year the FBI and Europol tore down the GameOver Zeus botnet, although it came back a month after its takedown.

Ross Ulbricht, the alleged founder and mastermind of the infamous online black marketplace Silk Road, has been sentenced to life in prison after being found guilty of narcotics conspiracy, money laundering and other criminal charges.

This means the 31-year-old San Francisco man will die behind bars.

With all seven charges stemming from the creation and operation of what was once the Internet's largest online illegal-drug marketplace, Ulbricht faced a minimum sentence of 20 years; life in prison is the harshest sentence possible.

Ulbricht's Life in Prison without any possibility of Parole:

The sentence was handed down by Judge Katherine B. Forrest in Federal District Court in Manhattan. Forrest admitted it was a "very, very difficult" call to make, as it leaves Ulbricht without any hope of parole.

Operating online as "Dread Pirate Roberts," Ulbricht ran the $1.2 billion empire from 2011 to 2013, armed with just a laptop and a Wi-Fi connection.

Silk Road ran on the Tor network and carried out more than $200 Million in illegal transactions before federal agents seized its servers and arrested Ulbricht in October 2013, along with bitcoins worth $3.6 million.

Ulbricht Asked for Mercy, but the Judge Refused:

Ulbricht pleaded for leniency in his sentence during the court hearing, but that didn't work out.

"I wish I could go back and convince myself to take a different path," Ulbricht said. "If given the chance, I would never break the law again."

However, the US District Judge described Silk Road as "an assault on the public health of our communities," and said: "Silk Road's creation showed that you thought you were better than the law."

Before sentencing, Ulbricht reportedly spoke to the court for 20 minutes, pleading Judge Forrest to spare him a life sentence and asking her to please leave him a "light at the end of the tunnel."

In addition to running the notorious Silk Road, Ulbricht was also accused of hiring a hitman, who turned out to be an FBI agent, to kill an employee he believed was stealing money from him.

Ulbricht’s defense team has already said they will appeal his conviction.

Own a smartphone running Android 4.3 Jelly Bean or an earlier version of the Android operating system? Then you are at great risk, and this may never end.

Yes, you heard right. If you are one of the millions of users still running Android 4.3 Jelly Bean or earlier, you will not get any security updates for WebView, as Google has decided to end support for older versions of Android WebView, the component that renders web content inside Android apps and the stock browser.

WebView is the core component used to render web pages inside apps on an Android device; on Android 4.4 KitKat it was replaced with a more recent Chromium-based version, the same engine used in the Chrome web browser.

Just a day after Google publicized a bug in Windows 8.1 before Microsoft could do anything about it, Tod Beardsley, a security researcher at Rapid7 who oversees the Metasploit project, disclosed that a serious bug in the WebView component of Android 4.3 and earlier would go unpatched, possibly leaving millions of Android smartphone users vulnerable to malicious hackers.

Android KitKat 4.4 and Lollipop 5.0 are not affected by the vulnerability, but over 60 percent of Android users, close to a billion people (950 Million), still use Android 4.3 or below, which means the bug still affects a great many people.

However, the response Google gave when Beardsley reported the vulnerability stunned him and everyone else: the tech giant won't patch the vulnerability in WebView at all. The quote from Google to Beardsley is as follows:

"If the affected version [of WebView] is before 4.4, we generally do not develop the patches ourselves, but welcome patches with the report for consideration. Other than notifying OEMs, we will not be able to take action on any report that is affecting versions before 4.4 that are not accompanied with a patch."

As a result, only devices running KitKat 4.4 and Lollipop 5.0 will receive security updates for WebView from Google; the remaining Android versions will stay unpatched or rely on fixes from third-party developers. The company has said that it will welcome third-party patches.

"Google's reasoning for this policy shift is that they 'no longer certify 3rd party devices that include the Android Browser', and 'the best way to ensure that Android devices are secure is to update them to the latest version of Android'," explained Beardsley.

"On its face, this seems like a reasonable decision. Maintaining support for a software product that is two versions behind would be fairly unusual in both the proprietary and open source software worlds."

In other words, if a hacker or a cyber criminal finds a way to exploit WebView on older versions of Android, Google will not release a patch for the vulnerability itself. However, if an outsider develops a patch, Google will incorporate it into the Android Open Source Project code and pass it on to handset makers. This is where the company's responsibility ends.

Google says that in older versions of the Android operating system, WebView is baked so firmly into the OS that it is much harder for Google to deliver a patch to affected devices. The search engine giant has mitigated this issue in newer versions of Android by dropping WebView from the core OS and incorporating it into the Google Play Services app, which can be updated independently.

The U.S. Federal Bureau of Investigation has announced that it arrested "Silk Road 2.0" operator Blake Benthall, who used the alias "Defcon", in California on Wednesday and charged him with conspiracy to commit drug trafficking, computer hacking, money laundering and other crimes.

Silk Road 2, an alternative to the notorious online illegal-drug marketplace that went dark in October of 2013, has been seized in a joint action involving the FBI, Department of Homeland Security, and European law enforcement.

"As alleged, Blake Benthall attempted to resurrect Silk Road, a secret website that law enforcement seized last year, by running Silk Road 2.0, a nearly identical criminal enterprise," Manhattan US Attorney Preet Bharara said in a statement. "Let’s be clear—this Silk Road, in whatever form, is the road to prison. Those looking to follow in the footsteps of alleged cybercriminals should understand that we will return as many times as necessary to shut down noxious online criminal bazaars. We don’t get tired."

The arrest comes almost a year after the arrest of San Francisco man Ross William Ulbricht, also known as "Dread Pirate Roberts," the alleged founder of the dark web online drug bazaar "Silk Road" that generated $8 million in monthly sales and attracted 150,000 vendors and customers. At that time, the FBI seized the notorious site, but the very next month a nearly identical site, Silk Road 2.0, opened for business.

The Feds and the US Department of Justice claim 26-year-old Blake Benthall launched the notorious Silk Road 2.0 on Nov. 6, 2013, five weeks after the shutdown of the original Silk Road website and arrest of its alleged operator.

Benthall appeared Thursday afternoon in federal court before Magistrate Judge Jacqueline Scott Corley, where Assistant US Attorney Kathryn Haun told the judge that Benthall is a "severe flight risk," according to the San Francisco Chronicle.

Benthall is charged with conspiring to commit narcotics trafficking, conspiring to commit computer hacking, conspiring to traffic in fraudulent identification documents and money laundering. If convicted, he could be sentenced to life in prison.

Silk Road 2.0 operated much the same way as its predecessor: it sold illegal goods and services on the Tor network and generated millions of dollars each month. As of September 2014, Benthall allegedly processed $8 million in monthly sales, according to the FBI.

To maintain the anonymity of buyers and sellers, Silk Road 2.0 had transactions made entirely in Bitcoin and was accessed through The Onion Router, or Tor, which conceals Internet Protocol (IP) addresses, enabling users to hide their identities and locations.

According to the FBI, it bought 1 kilogram of heroin, 5 kilograms of cocaine, and 10 grams of LSD from Silk Road 2.0, apparently from Benthall himself.

"The offerings on Silk Road 2.0 consisted overwhelmingly of illegal drugs, which were openly advertised as such on the site. As of October 17, 2014, Silk Road 2.0 had over 13,000 listings for controlled substances," reads the complaint.

Cyber criminals have exploited the reach of two online advertising networks, Google's DoubleClick and the popular Zedo advertising agency, to deliver malicious advertisements to millions of internet users that could install malware on a user's computer.

A recent report published by researchers at the security vendor Malwarebytes suggests that the cyber criminals are exploiting a number of websites, including The Times of Israel, The Jerusalem Post and the Last.fm music streaming website, to serve malicious advertisements designed to spread the recently identified Zemot malware.

Malvertising is not a new tactic for cybercriminals, but Jerome Segura, a senior security researcher with Malwarebytes, wrote in a blog post that his company "rarely see attacks on a large scale like this."

"It was active but not too visible for a number of weeks until we started seeing popular sites getting flagged in our honeypots," Segura wrote. "That's when we thought, something is going on."

The first impressions came in late August, and by now millions of computers have likely been exposed to Zemot, although only those with outdated antivirus protection were actually infected.

According to Segura, the malicious advertisements lead users to websites hosting the Nuclear exploit kit, which looks for an unpatched version of Adobe Flash Player or Internet Explorer running on the victim's system. If it finds one, it downloads the Zemot malware, which then communicates with a remote server and downloads a wave of other malicious applications.

However, by the time the malware was spotted, millions of computers may already have been exposed to Zemot, the researcher said, though he added that only users with out-of-date antivirus protection were actually infected.

The Zemot malware was identified by Microsoft earlier this month. According to Microsoft, Zemot is distributed not only by the Nuclear exploit kit but also by the Magnitude exploit kit and the Kuluoz spambot malware. The malware focuses on computers running Windows XP, although it can also infect more modern operating systems on x86 and 64-bit machines.

The malware can bypass the security software installed on the system before infecting the computer with additional malware, which makes the infection difficult to identify.

A Google representative confirmed the incident, saying the team was aware of it, has since shut down the affected servers that were redirecting to malicious code, and has disabled the ads that delivered malware to users' computers, The Verge reported.

A huge data-stealing cyber espionage campaign that targeted banks, corporations and governments in Germany, Switzerland and Austria for 12 years has finally been exposed, in what is probably the longest-lived online malware operation in history.

The campaign, dubbed the 'Harkonnen Operation', involved more than 800 registered front companies in the UK — all using the same IP address – that helped the intruders install malware on servers and network equipment at victim organisations, mainly banks, large corporations and government agencies in Germany, Switzerland and Austria.

In total, the cyber criminals victimised approximately 300 corporations and organisations in this well-organised and well-executed cyber-espionage campaign.

CyberTinel, an Israel-based developer of a signature-less endpoint security platform, uncovered this international cyber-espionage campaign hitting Government institutions, Research Laboratories and critical infrastructure facilities throughout the DACH (Germany, Austria, Switzerland) region.

Based on the analysis and research work done by CyberTinel, it is believed that the hackers first penetrated computer networks as far back as 2002 and, according to Elite Cyber Solutions chief executive Jonathan Gad, the damage done to companies since then is "immeasurable".

"The German attackers behind the network then had total control over the targeted computers and were able to carry out their espionage undisturbed for many years." He added, "At this point, we are aware of the extent of the network, but the damage to the organisations who have been victims in terms of loss of valuable data, income or the exposure of information related to employees and customers is immeasurable."

The Harkonnen Operation attack was detailed in a special report [pdf] titled, "HARKONNEN OPERATION CYBER-ESPIONAGE," in which the researchers analysed and discovered companies that were compromised by seemingly generic trojans foisted through spear-phishing attacks.

The fact that the malware was installed via spear-phishing attacks from companies that appear legitimate — with the appropriate digital security certificates — gave the cyber criminals even more anonymity, enabling them to hit very secure servers and steal all types of top-secret documents.

The trojans detected in the attacks were GFILTERSVC.exe from the generic trojan family Trojan.win7.generic!.bt and wmdmps32.exe.

It is still unclear who or what is behind the hack, but researchers believe the malware campaign looks more like an organised crime operation than something a government intelligence agency would do.

The scammers invested over $150,000 — a kingly sum for hackers — on hundreds of domain names, IP addresses and wildcard certificates to make their UK front businesses appear legitimate and to keep the operation going.

A researcher has discovered a new timing attack that could unmask Google users under certain conditions.

Andrew Cantino, the vice president of engineering at Mavenlink, detailed his attack in a blog post last week. According to him, the attack could be used to target a particular person or organisation. A cyber criminal could share a Google document with the target's email address, unchecking the option that has Google send the recipient a notification.

TIMING ATTACK USED TO DE-MASK TOR USER’S IDENTITY

Now, using the timing attack technique, a cyber criminal could figure out when someone logged into any of the shared addresses visits their site, Cantino said. An attacker could even use this in spear phishing campaigns, or unmask the identity of Tor users if they are logged in to Google while using the Tor browser.

The timing attack can unmask targeted Google users as they browse the web. Cantino said the attack is straightforward: if I control a website and want to know when a particular user with a particular Gmail address visits it, I could use the technique to identify that targeted user, without even setting a cookie.

If the Google document is viewable by the visitor, it will take longer to load the resulting page than if the document is not viewable.

“Since the result isn’t an image, the onerror callback of the image is triggered in both cases, but we can record how long it takes from image instantiation to triggering of the onerror. This time will be greater when the document is accessible. In my experiments, loading took an average of 891ms when the document was available, but 573ms when it was not,” Cantino said.

To gain users' trust and steal credentials, an attacker could even use a phishing page that looks as though it is already logged into the victim's account. This type of targeted attack could also help identify Tor users, if they are logged into their Google account.

TIMING ATTACK

For those unfamiliar with the term, a timing attack is a type of side-channel attack in which an attacker gains information from the implementation of a cryptosystem rather than from any inherent weakness in its mathematical properties.

Timing attacks exploit timing variations in cryptographic operations. Because of performance optimisations, the computations performed by a cryptographic algorithm often take different amounts of time depending on the input and on the value of the secret parameter.
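The cryptographic case the section above describes, as an added example that is not from the original article: a secret comparison that exits on the first mismatching byte leaks how much of the secret a guess got right, while a constant-time comparison does the same work for every input. Deterministic step counts stand in for measured time so the leak is visible without a noisy benchmark; all names are constructed.

```python
import hmac


def leaky_compare(secret: bytes, guess: bytes) -> tuple[bool, int]:
    """Early-exit comparison, the classic timing-leak pattern.

    Returns (equal, bytes_inspected). bytes_inspected models the elapsed
    time an observer would measure: it grows with the length of the
    matching prefix, so each guess reveals how many leading bytes are right.
    """
    steps = 0
    if len(secret) != len(guess):
        return False, steps
    for a, b in zip(secret, guess):
        steps += 1
        if a != b:          # stops as soon as a byte differs
            return False, steps
    return True, steps


def constant_time_compare(secret: bytes, guess: bytes) -> tuple[bool, int]:
    """Inspects every byte and accumulates the differences with OR.

    bytes_inspected is always len(secret) for equal-length inputs, so the
    work done no longer depends on where (or whether) the guess is wrong.
    This mirrors what hmac.compare_digest does in the standard library.
    """
    steps = 0
    if len(secret) != len(guess):
        return False, steps
    diff = 0
    for a, b in zip(secret, guess):
        steps += 1
        diff |= a ^ b       # no data-dependent branch inside the loop
    return diff == 0, steps


def timing_profile(compare, secret: bytes, guesses: list[bytes]) -> dict[bytes, int]:
    """Map each guess to the work it triggered; a varying profile is the leak."""
    return {g: compare(secret, g)[1] for g in guesses}


def library_compare(secret: bytes, guess: bytes) -> bool:
    """Production code should use the library primitive rather than hand-rolling."""
    return hmac.compare_digest(secret, guess)
```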

ISSUE REPORTED TO GOOGLE - NO FIX

The issue was responsibly reported to the Google security team by Andrew Cantino, the vice president of engineering at Mavenlink. The search engine giant acknowledged the issue but declined to fix it, saying the risk, both in terms of impact and the difficulty of exploiting it against a large population, is low.

“I don't really disagree with them— this is hard to fix, and fairly theoretical,” said Cantino, who previously had been awarded a bug bounty from Google multiple times. “Still, I think this is an interesting example of a timing attack, and shows how hard these sorts of issues can be to avoid.”